Tier Three SOC Analyst - Middle - Híbrido en Baxter

About Baxter

Baxter provides a broad portfolio of essential renal and hospital products, including home, acute and in-centre dialysis; sterile IV solutions; infusion systems and devices; parenteral nutrition; surgery products and anesthetics; and pharmacy automation, software and services. The company’s global footprint and the critical nature of its products and services play a key role in expanding access to healthcare in emerging and developed countries. Baxter’s employees worldwide are building upon the company’s rich heritage of medical breakthroughs to advance the next generation of healthcare innovations that enable patient care 

Baxter GITC

Baxter GITC a global IT shared services center, in Mexico to deliver Baxter’s global enterprise IT needs. We develop and deploy enterprise wide IT solutions that support critical operations from HR to Manufacturing, Finance, Quality Compliance, Legal and other functions within the organization.

Job Title – Sr. Specialist, IT Security

Location – Guadalajara, Mexico

Shift – Multiple shifts between 7am and 9pm in support of 24x7 Operations

What you'll be doing

The primary purpose of this position is to monitor and address security alerts in a fast paced global environment. Core processes include triage, investigation, containment and escalation of incidents based on their severity. This position requires shift work and on-call duties in support of 24x7 coverage for global security monitoring and incident response. Overtime could be necessary to support activities during a major incident.

Duties include:

• Monitor core security platforms throughout the shift and triage alerts quickly and consistently
• Investigate alerts and develop containment and remediation actions to ensure that problems are fully resolved or escalated as needed
• Design and execute threat hunts to uncover malicious activity that may have gone undetected by automated security alerting
• Support the collection and analysis of internally and externally sourced threat intelligence
• Identify and recommend policy/alert tuning opportunities across the security toolset as needed to reduce false positives and improve the rate of detection against skilled attacks
• Support major security incident management by addressing data collection, analysis and communications requirements on a global scale
• Document incidents, investigation actions and lessons learned to support continuous improvement within the team
• Support additional engineering, operations and IT security projects as requested by management
• 
  

What you'll be doing

• 7+ years of experience with security monitoring, triage and incident handling
• Bachelor's degree in computer science or a related field
• Demonstrated skill operating security tools at multiple levels of the detection stack including Email, endpoint, web, network and cloud
• Security Incident and Event Management (SIEM) and ticket management experience required
• Familiar with enterprise IT processes for asset, configuration, change, incident and problem management
• Able to explain and leverage the normal operation of common network communication protocols, authentication processes and logging capabilities of modern platforms to identify and resolve security events
• Able to identify and describe anomalous and malicious behavior in terms of common attack lifecycle phases and techniques
• Excellent English verbal and written communication skills
• Demonstrated skill working as part of a team, collaborating and supporting peers in a fast-paced environment
• Industry certifications nice to have: OSCP, GCIH, GCIA, GCFE, GREM, GCFA, GSEC, CEH, CISSP, CISM

EEO (Equal Employment Opportunity)

Baxter is an equal opportunity employer. Baxter evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic